Join Us on April 12th for our Healthcare P2PE Webinar with HIMSS

On April 12th, in conjunction with the Healthcare Information Management Systems Society (HIMSS), Bluefin’s Chief Strategy Officer, Ruston Miles, will provide an educational overview on PCI-validated Point-to-Point Encryption (P2PE) and its benefits to healthcare organizations. Register for the 1 pm EST webinar here.

In 2017, the Identity Theft Resource Center (ITRC) reported 374 healthcare data breaches that compromised over 5 million records, with hacking – specifically ransomware and malware – as the leading attack vector.

But why do hackers breach healthcare systems? To find valuable payment and personal data that can be resold on the black market. Malware was the culprit in the multi-million-dollar Anthem and Target data breaches. While hackers got into the networks through a faulty firewall or third-party vendor, once in they were able to install malware that located unencrypted credit card information — which was then sent to remote servers, packaged and resold to fraudsters.

In order to protect patient payment data from malware, healthcare organizations are turning to security technologies such as PCI-validated Point-to-Point Encryption (P2PE). PCI-validated P2PE solutions encrypt patient cardholder data at the Point of Interaction (POI) in a PCI-approved P2PE payment terminal and decryption is done outside of the healthcare payment environment in an approved Hardware Security Module (HSM). PCI-validated P2PE prevents clear-text cardholder data from being present in a healthcare organization’s system or network where it could be accessible in the event of a data breach.

This webinar will provide a detailed overview on the state of data breaches, current payment security technologies, the role of PCI-validated P2PE in protecting card data, validated vs. non-validated solutions, and the scope reduction and cost savings of PCI P2PE. Specifically, it will cover:

The current state of payment security

How malware operates to steal credit card data

The role of EMV (chip cards), Tokenization and P2PE

The origin of PCI-validated P2PE and how it differs from non-validated solutions